How to modify Workflow Manager Connection String
There are certain situations that might require you to modify the default WFM connection string (WFManagementDB, WFResourceManagementDB or WFInstanceManagementDBs ), such as SQL databases need to be moved/renamed, wanted to add ‘Failover Partner’ attribute for Mirroring support, etc.
As an example, let’s imagine that we want to modify WFM connection string to add “Failover Partner” attribute (Mirroring support for WFM databases).
Follow below steps depending on your scenario:
Note: We are assuming that Auto-Generated certificated is being used. If this is not your case, you need to adjust certificate parameters as described at Restore-WFFarm and New-WFFarm
Scenario1: You are creating a new WFM farm:
- Execute Workflow Manager Configuration Wizard, selecting the option either “Configure Workflow Manager with Default Settings” or “Configure Workflow Manager with Custom Settings” depending on
your preferences. Follow the wizard till you reach the “Summary” tab and then click “Get PowerShell Commands”.
2. Modify connection string accordingly. Please notice that you can modify the connection string for both “Workflow Manager” and also for “Service Bus”. Following our example, we are modifying all the connections string to add “Failover Partner” attribute, for simplicity just parameters for New-WFFarm cmdlet is shown:
New-WFFarm WFFarmDBConnectionString 'Data Source=<SQL Server>;Initial Catalog=WFManagementDB;Integrated Security=True;Encrypt=False; Failover Partner=<SQL Mirroring Server>' -InstanceDBConnectionString 'Data Source= <SQL Server>;Initial Catalog=WFInstanceManagementDB;Integrated Security=True;Encrypt=False; Failover Partner=<SQL Mirroring Server>' -ResourceDBConnectionString 'Data Source= <SQL Server>;Initial Catalog=WFResourceManagementDB;Integrated Security=True;Encrypt=False; Failover Partner=<SQL Mirroring Server>' -AdminGroup 'BUILTIN\Administrators' -HttpsPort 12290 -HttpPort 12291-CertificateAutoGenerationKey $WFCertAutoGenerationKey -Verbose;
3. Once all Connection String have been modifying accordingly, execute all these cmdlets at Workflow Manager PowerShell console.
Scenario 2: Workflow Manager Farm was already created
It is important to highlight that Direct update of DB is not possible (to adhere to Windows Server Security Guidelines all Secure strings are encrypted, also modifying db is not just enough as there are other places where this info is present). So, follow below steps to modify existing connection strings:
1. Execute "Get-WFFarm" cmdlet, to collect information about your current configuration: Certificates thumbprint, connection string, RunAsAccount , Ports numbers, etc. You will need that info on step 3 and 4.
2. Remove all nodes from the Workflow Manager Farm. You can do that from Workflow Configuration Wizard (selecting the option ‘Leave Farm’) or by using Remove-WFHost powershell cmdlet.
3. On one of the farm nodes, call the Restore-WFFarm using the new Connection string. . The cmdlet would be like below:
$SBCertificateAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String '<Pwd you specified during configuration>' -Verbose;
Restore-WFFarm -RunAsAccount 'Administrator' -WFFarmDBConnectionString 'Data Source=<SQL Server>;Initial Catalog=WFManagementDBNew;Integrated Security=True;Encrypt=False; Failover Partner=<SQL Mirroring Server>'
-InstanceDBConnectionString 'Data Source= <SQL Server>;Initial Catalog=WFInstanceManagementDB;Integrated Security=True;Encrypt=False; Failover Partner=<SQL Mirroring Server>' -ResourceDBConnectionString 'Data Source= <SQL Server>;Initial Catalog=WFResourceManagementDB;Integrated Security=True;Encrypt=False; Failover Partner=<SQL Mirroring Server>' -CertificateAutoGenerationKey $SBCertificateAutoGenerationKey -HttpPort 12291 -HttpsPort 12290 -InstanceStateSyncTime 'Monday, August 31, 2015 10:30:00 AM' -ConsistencyVerifierLogPath 'c:\ConsistencyVerifierlog.txt' –Verbose;
Note: When using Auto-generated certificates, Restore-WFFarm will create a new set of certificates, so thumprint in Workflow Manager Farm (get-WFFarm) will change. If you are using WFM from SharePoint, then you should import the new certificate into SharePoint servers.
Note: The Restore-WFFarm cmdlet creates a new Workflow Management database (WFManagementDBNew, you can delete the old WFManagementDB at the end of this procedure. Once above cmdlets are executed, next two connections strings will have been changed: InstanceDBconnectionString and ResourceDBConnectionString.
4. On all WFM farm nodes, run the Add-WFHost cmdlet.
$WFRunAsPassword = convertto-securestring "<RunAs Account Password>" -asplaintext -force
$WFCertAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String '<Pwd you specified during configuration>' -Verbose;
$SBClientConfiguration = Get-SBClientConfiguration -Namespaces 'WorkflowDefaultNamespace' -Verbose;
Add-WFHost -WFFarmDBConnectionString 'Data Source=BTS2013AAW;Initial Catalog=WFManagementDBNew;Integrated Security=True;Encrypt=False;Failover Partner=<SQL Mirroring Server>' -RunAsPassword $WFRunAsPassword
-EnableFirewallRules $true -SBClientConfiguration $SBClientConfiguration -EnableHttpPort -CertificateAutoGenerationKey $WFCertAutoGenerationKey -Verbose;
5. If you also need to update connection string for Service Bus databases, then follow the procedure described at https://blogs.msdn.com/b/feseca/archive/2015/01/19/how-to-modify-service-bus-connection-string-in-an-existing-service-bus-farm.aspx
Hope you find it interesting!!